I’m working on a guide focused on securing Linux servers and I’d like to ask you what your essential hardening techniques and tips are? Your feedback would be greatly appreciated

  • boblin@infosec.pub
    link
    fedilink
    English
    arrow-up
    5
    ·
    1 year ago

    The CIS benchmarks for Linux are a good start. There are some off the shelf tools that let you run those, notably linux-bench. Another tool in a similar fashion is lynis. You can also use eBPF tools like callander to examine your workload behaviour and help tighten your seccomp policies.

    Once you’ve established a baseline for your system, you’ll next want to harden your environment. This means network scans, OWASP, etc. As far as off the shelf tools go, OpenVAS is quite popular even in Enterprise environments.

    Finally there’s the continuous security tasks. Continuous package updates, runtime security, log analysis, etc. There are some free tools that cover part of this like Security Onion, but if the price is right a SaaS tool can save you a lot of time.